How kernel randomization is canceling memory deduplication in cloud computing systems

Fernando Vañó García, Hector Marco-Gisbert

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Citations (Scopus)
216 Downloads (Pure)

Abstract

Cloud computing dramatically impacted the way we play, work and live. It has been widely adopted in many sectors mainly because it reduces the cost of performing tasks in a flexible, scalable and reliable way. The highest possible level of protection must be applied in order to provide a secure cloud computing architecture. Unfortunately, the cloud computing paradigm introduces new scenarios where security protection techniques are weakened or disabled to obtain better performance and resources exploitation. An important case is the memory deduplication mechanism which is canceled by the address space layout randomization (ASLR) protection technique. In this paper, we present a precise analysis of the impact on the memory deduplication technique when kernel randomization is enabled. Our experiments show that the memory overhead to run 24 kernels is increased by 534% (from 613 MiB to 3.9 GiB) when kernel ASLR is enabled.
Original languageEnglish
Title of host publication2018 IEEE 17th International Symposium on Network Computing and Applications
Subtitle of host publicationCambridge, MA, USA – November 1-3, 2018
PublisherIEEE
Number of pages4
ISBN (Electronic)9781538676592, 9781538676585
ISBN (Print)9781538676608
DOIs
Publication statusPublished - 1 Nov 2018
EventThe 17th IEEE International Symposium on Network Computing and Applications - Hyatt Regency Cambridge, Cambridge, United States
Duration: 1 Nov 20183 Nov 2018
http://www.ieee-nca.org/2018/

Conference

ConferenceThe 17th IEEE International Symposium on Network Computing and Applications
Abbreviated titleNCA 2018
Country/TerritoryUnited States
CityCambridge
Period1/11/183/11/18
Internet address

Keywords

  • Cloud
  • Memory Deduplication
  • Information Security
  • KASLR
  • Memory Management
  • Virtualization

Fingerprint

Dive into the research topics of 'How kernel randomization is canceling memory deduplication in cloud computing systems'. Together they form a unique fingerprint.

Cite this